Category Archives: Internet Security Awareness|Phishing|Threat Intelligence

Author: Nathaniel Raymond Beginning in May 2023, Cofense has observed a large phishing campaign utilizing QR codes targeting the Microsoft credentials of users from a wide array of industries.  The most notable target, a major Energy company based in the US, saw about 29% of the over 1000 emails containing malicious QR codes. Other top […]

The post Major Energy Company Targeted in Large QR Code Campaign appeared first on Cofense.

Continue reading Major Energy Company Targeted in Large QR Code Campaign→

Author: Nathaniel Raymond Beginning in May 2023, Cofense has observed a large amount of QR code phishing campaigns targeting the Microsoft credentials of users from a wide array of industries.  The most notable target, a major Energy company based in the US, saw about 29% of the over 1000 emails containing malicious QR codes. Other […]

The post Major Energy Company Targeted in Large QR Code Phishing Campaign appeared first on Cofense.

Continue reading Major Energy Company Targeted in Large QR Code Phishing Campaign→

Author: Dylan Duncan A new phishing tactic utilizing Google Accelerated Mobile Pages (AMP) has hit the threat landscape and proven to be very successful at reaching intended targets. Google AMP is an open-source HTML framework used to build websites that are optimized for both browser and mobile use. The websites that we observed in these […]

The post Google AMP – The Newest of Evasive Phishing Tactic appeared first on Cofense.

Continue reading Google AMP – The Newest of Evasive Phishing Tactic→

Author: Dylan Duncan A new phishing tactic utilizing Google Accelerated Mobile Pages (AMP) has hit the threat landscape and proven to be very successful at reaching intended targets. Google AMP is an open-source HTML framework used to build websites that are optimized for both browser and mobile use. The websites that we observed in these […]

The post Google AMP – The Newest of Evasive Phishing Tactic appeared first on Cofense.

Continue reading Google AMP – The Newest of Evasive Phishing Tactic→

Today’s disruptive environment has caused small and medium-sized businesses (SMBs) to face unprecedented technological hurdles. And thanks to limited resources and a lack of cybersecurity experts, many SMBs are finding themselves even more vulnerable to costly attacks. As MSPs and MSSPs offer a range of essential services, businesses can reduce risks and optimize operations even […]

The post 3 Ways MSPs/MSSPs are Helping SMBs Do More with Less Around Email Security – Consolidation Without Compromise appeared first on Cofense.

Continue reading 3 Ways MSPs/MSSPs are Helping SMBs Do More with Less Around Email Security – Consolidation Without Compromise→

Today’s disruptive environment has caused small and medium-sized businesses (SMBs) to face unprecedented technological hurdles. And thanks to limited resources and a lack of cybersecurity experts, many SMBs are finding themselves even more vulnerable to costly attacks. As MSPs and MSSPs offer a range of essential services, businesses can reduce risks and optimize operations even […]

The post 3 Ways MSPs/MSSPs are Helping SMBs Do More with Less Around Email Security – Consolidation Without Compromise appeared first on Cofense.

Continue reading 3 Ways MSPs/MSSPs are Helping SMBs Do More with Less Around Email Security – Consolidation Without Compromise→

Executive Summary Each quarter, Cofense Intelligence has analyzed malware and credential phishing emails that reached users in environments protected by SEGs. This quarter we saw increases in credential phishing, Supermailer campaigns, NetSupport Manager RAT campaigns, and compromised domains to deliver malware via embedded URLs. In Q2 2023, Cofense Intelligence saw a slowdown in malicious email […]

The post 2023 Cofense Phishing Intelligence Trends Review: Q2 appeared first on Cofense.

Continue reading 2023 Cofense Phishing Intelligence Trends Review: Q2→

Executive Summary Each quarter, Cofense Intelligence has analyzed malware and credential phishing emails that reached users in environments protected by SEGs. This quarter we saw increases in credential phishing, Supermailer campaigns, NetSupport Manager RAT campaigns, and compromised domains to deliver malware via embedded URLs. In Q2 2023, Cofense Intelligence saw a slowdown in malicious email […]

The post 2023 Cofense Phishing Intelligence Trends Review: Q2 appeared first on Cofense.

Continue reading 2023 Cofense Phishing Intelligence Trends Review: Q2→

According to Microsoft’s recent threat brief, email still remains the #1 attack vector, but the good news is 98% of attacks can be prevented by implementing basic security measures.  To stay ahead of today’s most malicious threats, security teams need to vigilantly protect every main attack surface, including email, identity, endpoint, Internet of Things (IoT), cloud […]

The post Microsoft: 6 Key Security Vulnerabilities Putting Your Organization at Risk appeared first on Cofense.

Continue reading Microsoft: 6 Key Security Vulnerabilities Putting Your Organization at Risk→

Author: Max Gannon  Through the first six months of 2023, our Intelligence team has seen alarming changes in the email security and phishing landscape. Most notably, compared to both Q1 and Q2 of the previous two years, HTML attachments used in malicious phishing campaigns have increased dramatically, 168% and 450%, respectively.  This report will focus […]

The post HTML Attachments Used in Malicious Phishing Campaigns Skyrocket: Increase 168% from 2022 and 450% from 2021 appeared first on Cofense.

Continue reading HTML Attachments Used in Malicious Phishing Campaigns Skyrocket: Increase 168% from 2022 and 450% from 2021→